The United States Treasury Department has fallen victim to a significant cyber attack attributed to Chinese state-sponsored hackers, U.S. authorities have confirmed. The breach has raised serious concerns about national cybersecurity as it compromised government employees’ workstations and unclassified documents.
According to a report from The New York Times, the Biden administration disclosed the attack on Monday. The cyber intrusion, flagged on December 8 by BeyondTrust, a third-party software provider, involved the unauthorized use of a security key. This key granted the attackers remote access to select Treasury Department workstations and sensitive documents stored on them.
In a letter addressed to lawmakers, the Treasury Department identified the culprits as an Advanced Persistent Threat (APT) actor linked to China. The department categorized the breach as a “major cybersecurity incident, a designation reserved for high-level intrusions with potential to cause severe disruptions.
The incident has been attributed to a China state-sponsored APT actor, the Treasury’s statement read. In line with department policy, the breach triggered an extensive federal investigation involving the FBI, intelligence agencies, and other cybersecurity entities. Efforts are ongoing to determine the full scope of the intrusion and assess its implications.
The compromised service facilitating the attack has since been deactivated, officials confirmed. While there is no current evidence that the hackers retain access to Treasury systems, the breach underscores the growing threat posed by cyber attacks from foreign adversaries.
This incident further intensifies the spotlight on U.S.-China relations, which have faced escalating tensions over trade, technology, and security issues. As the investigation continues, federal agencies are doubling down on measures to safeguard national assets against such sophisticated cyber threats.